Cyber News

Typing Terminal Text
 

"Substantial proportion" of Americans may have had health and personal data stolen in Change Healthcare breach

UnitedHealth Group has given an update on the February cyberattack on Change Healthcare, one of its subsidiaries. In the update, the company revealed the scale of the breach, saying:

On Wednesday February 21, 2024, Change Healthcare experienced serious system outages due to the cyberattack. The incident led to widespread billing outages, as well as disruptions at pharmacies across the United States.

The attack on Change Healthcare, which processes about 50% of US medical claims, was one of the

Google ad for Facebook redirects to scam

Today, we are looking at a malicious ad campaign targeting Facebook users via Google search. It is well-known that tech support scammers attract new victims by buying ads for certain keywords related to their audience.

What is perhaps less known is how it is even possible to impersonate top brands and get away with it. We will try to respond to the ‘how they do it’ and the ‘why is Google allowing this’ questions.

Such malvertising attacks are not new and the damage they cause to consumers is g

Visa crackdown against spyware swindlers.

The State Department puts visa restrictions on spyware developers. UnitedHealth says its recent breach could affect tens of millions of Americans. LockBit leaks data allegedly stolen from the DC government. Microsoft says APT28 has hatched a GooseEgg. The White House and HHS update HIPAA rules to protect private medical data. Keyboard apps prove vulnerable. A New Hampshire hospital suffers a data breach. Microsoft’s DRM may be vulnerable to compromise. On our Industry Voices segment, Ian Leather

Concerned About Your Online Privacy in 2024? You Are Not the Only One.

Today, using mobile apps is inevitable. It’s no longer a matter of professional or business use. You use an application for your personal matters too, like buying groceries, booking events, searching for information, or staying connected with your friends and family.

Using so many apps today may look harmless, but did you know it comes with a cost? And that to, your own data? That’s what a recent study highlighted after analyzing a hundred apps, many of which are invading your online privacy by

Apple Removed Numerous Apps From China App Store

Apple users in China may no longer find various popular apps, such as WhatsApp and Telegram, on the App Store. Apple seemingly removed these apps from the App Store following the Chinese government orders that bar most foreign apps in China.

Apple App Store China No Longer Includes WhatsApp, Signal, And Two Other Apps

According to Reuters, Apple has removed some popular messaging from its App Store version for China, citing security concerns. This move seemingly implements a government order b

Palo Alto Networks Patched A Pan-OS Vulnerability Under Attack

A critical zero-day vulnerability in Palo Alto networks Pan-OS firewall has received an emergency fix following active exploitation. The vulnerability lets an attacker execute arbitrary codes on vulnerable devices under specific conditions. Given the active exploitation of the flaw, users must rush to update their devices with the hotfixes to prevent the threat.

Earlier this week, Palo Alto warned users about a critical severity vulnerability that it classified as a zero-day. The vulnerability

The Future of Automated Testing with DAQ

Introduction to the New Era

Automated testing is transforming, morphing into an even more essential cog in the machinery of modern development and manufacturing processes. Among the champions leading this charge is Data Acquisition (DAQ), a technology that’s steadily reimagining what it means to test, analyze, and improve. The intersection of DAQ with automated testing heralds not just a future of efficiency, but one rich with potential and vibrancy, inviting professionals and enthusiasts alike

A week in security (April 15 - April 21)


• Should you share your location with your partner?
• What makes some zero-day vulnerabilities more valuable than others?
• Turning back the clock on encryption: How to perform ransomware backups in one-click
• ThreatDown earns highest ratings across EDR and MDR categories in G2 Spring 2024 results
• FakeBat campaign continues, now also targeting VMware users

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices

Billions of scraped Discord messages up for sale

Four billions public Discord messages are for sale on an internet scraping service called Spy.pet.

At first sight there doesn’t seem to be much that is illegal about it. The messages were publicly accessible and there are no laws against scraping data. However, it turns out the site did disregard some laws: more on that later.

To get this amount of data the platform gathered information from 14,201 servers about 627,914,396 users.

The way in which Spy.pet organized the information could turn

Picking fights and gaining rights, with Justin Brookman: Lock and Code S05E09

This week on the Lock and Code podcast…

Our Lock and Code host, David Ruiz, has a bit of an apology to make:

When the Lock and Code podcast explored online harassment and abuse this year, our guest provided several guidelines and tips for individuals to lock down their accounts and remove their sensitive information from the internet, but larger problems remained. Content moderation is failing nearly everywhere, and data protection laws are unequal across the world.

When we told the true tale

Renewed surveillance sparks controversy.

Section 702 gets another two years. MITRE suffers a breach through an Ivanti VPN. CrushFTP urges customers to patch an actively exploited flaw. SafeBreach researchers disclose vulnerabilities in Windows Defender that allow remote file deletion. Ukrainian soldiers see increased attention from data-stealing apps. GitHub’s comments are being exploited to distribute malware. VW confirms legacy Chinese espionage and data breaches. CISA crowns winners of the President’s Cup Cybersecurity Competition.

Cloud Architect vs Detection Engineer: Mutual benefit.

In this episode of CyberWire-X, N2K CyberWire’s Podcast host Dave Bittner is joined by Brian Davis, Principal Software Engineer, and Thomas Gardner, Senior Detection Engineer, both from Red Canary. They engage in a cloud architect vs. detection engineer discussion. Through the conversation, they illustrate how one person benefits the other's work and how they work together. Red Canary is our CyberWire-X episode sponsor.

Cyber Talent Insights: Charting your path in cybersecurity. (Part 2 of 3)

Join us for this special three-part series where the N2K Cyber Talent Insights team guides you through effective strategies to develop your cybersecurity team, helping you stay ahead in the constantly changing cybersecurity landscape.

In this episode, we shift our point of view to provide guidance for an individual's first career or perhaps considering a career change transitioning into the field. We discuss a market-driven approach to career development. We also explore how to discover one’s n

Swift responses to cyberattacks.

Two swift responses to recent cyberattacks. Frontier Communications discloses cyberattack. Texas town repels water system cyberattack by unplugging. List of undesirables falls into the wrong hands. CryptoChameleon phishing kit impersonates LastPass. Ransomware payments trending down in Q1 2024 and a warning for small to medium-sized businesses. US auto manufacturers targeted by FIN7. Akira ransomware has made $42 million since March 2023. No more WhatsApp or Threads in China. Concerning drop in

Unitronics Vision Series PLCs | CISA

Successful exploitation of this vulnerability could allow an attacker to log in to the Remote HMI feature, where the PLC may be factory reset, stopped, and restarted.

The following versions of Unitronics Vision 230 PLCs are affected:

Unitronics Vision Standard PLCs allow a remote, unauthenticated individual to retrieve the 'Information Mode' password in plaintext.

CVE-2024-1480 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string i

CISA and Partners Release Advisory on Akira Ransomware | CISA

Today, CISA, the Federal Bureau of Investigation (FBI), Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL) released a joint Cybersecurity Advisory (CSA), #StopRansomware: Akira Ransomware, to disseminate known Akira ransomware tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) identified through FBI investigations as recently as February 2024.

Evolving from an initial focus on Windows systems to a Linux variant t
Load More